[sldev] Re: "But your IP wouldn't be safe"
Jason Giglio
gigstaggart at gmail.com
Mon Jul 9 18:08:13 PDT 2007
Able Whitman wrote:
> A subtle but important point is that the viewer discloses the client IP
> only to the servers that make up the grid, *not* to other users who are
People who provide web textures are no longer users, they are content
providers.
> A user's IP address is protected from other users because, for the most
> part, all interactions with other avatars takes place via the grid, so
> there are never direct connections between individual clients. If
> someone has malicious intents and wishes to directly attack the client
> of another user, the viewer does not provide the would-be attacker with
> enough information to do so.
This is a mere coincidence of the design, not a design goal.
Back in 2001 or whenever, I seriously doubt the founders of Linden Lab
said "Hey, lets make a huge, slow, anonymizing proxy service, where all
the data flows through our central servers to protect people's IP
addresses from being discovered."
> And importantly, both avenues can be disabled without serious loss of
> viewer functionality.
If you expect to use the Internet without exposing your IP to content
providers, you should expect serious loss of functionality.
> In the case of P2P texture distribution, without explicit controls
I don't support this silly P2P texture idea. I'm only talking about
this in terms of web textures, HTML-on-a-prim, ... pretty much all the
exciting future features that will prevent Second Life from becoming
irrelevant.
> Worse, the target user has little ability to opt-out of this avenue of
> information disclosure, since texture downloads happen automatically.
> Having the user disable P2P texture acquisition would prevent
> information disclosure but also prevent the user's viewer from being
> able to display all of the textures needed to render a scene. This is a
> significant loss of functionality.
If you expect to use the Internet without exposing your IP to content
providers, you should expect serious loss of functionality.
> Of course, not everyone is as sensitive to the disclosure of their IP
> address as others, but this does not make the issue of information
> disclosure any less important. Currently the viewer offers reasonable
> control over this kind of disclosure, and new features should not
> degrade this control, especially not by default, and especially not in a
> manner which is not practically reversible.
It should, by default, because there is no way Linden Lab can become
some huge anonymizing proxy service. The future viability of Second
Life as a platform for providing content rests on decentralization.
Decentralization means third party content that does *not* flow through
Linden Lab servers, in many cases.
-Jason
More information about the SLDev
mailing list